This patch adds build support for the network filtering framework. Signed-off-by: Stefan Berger --- configure.ac | 12 ++++++++++++ daemon/Makefile.am | 4 ++++ src/Makefile.am | 34 +++++++++++++++++++++++++++++++++- src/libvirt_private.syms | 39 +++++++++++++++++++++++++++++++++++++++ src/libvirt_public.syms | 14 ++++++++++++++ 5 files changed, 102 insertions(+), 1 deletion(-) Index: libvirt-acl/src/Makefile.am =================================================================== --- libvirt-acl.orig/src/Makefile.am +++ libvirt-acl/src/Makefile.am @@ -97,9 +97,17 @@ DOMAIN_EVENT_SOURCES = \ conf/domain_event.c conf/domain_event.h # Network driver generic impl APIs -NETWORK_CONF_SOURCES = \ +NETWORK_CONF_SOURCES = \ conf/network_conf.c conf/network_conf.h +# Network filter driver generic impl APIs +NWFILTER_PARAM_CONF_SOURCES = \ + conf/nwfilter_params.c conf/nwfilter_conf.h + +NWFILTER_CONF_SOURCES = \ + $(NWFILTER_PARAM_CONF_SOURCES) \ + conf/nwfilter_conf.c conf/nwfilter_conf.h + # Storage driver generic impl APIs STORAGE_CONF_SOURCES = \ conf/storage_conf.h conf/storage_conf.c @@ -126,6 +134,7 @@ CONF_SOURCES = \ $(DOMAIN_CONF_SOURCES) \ $(DOMAIN_EVENT_SOURCES) \ $(NETWORK_CONF_SOURCES) \ + $(NWFILTER_CONF_SOURCES) \ $(NODE_DEVICE_CONF_SOURCES) \ $(STORAGE_CONF_SOURCES) \ $(ENCRYPTION_CONF_SOURCES) \ @@ -275,6 +284,11 @@ STORAGE_DRIVER_DISK_SOURCES = \ STORAGE_HELPER_DISK_SOURCES = \ storage/parthelper.c +# Network filters +NWFILTER_DRIVER_SOURCES = \ + nwfilter/nwfilter_driver.h nwfilter/nwfilter_driver.c \ + nwfilter/nwfilter_gentech_driver.c \ + nwfilter/nwfilter_ebiptables_driver.c # Security framework and drivers for various models SECURITY_DRIVER_SOURCES = \ 
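Review bot: In the first src/Makefile.am hunk, `NWFILTER_PARAM_CONF_SOURCES` pairs `conf/nwfilter_params.c` with `conf/nwfilter_conf.h`, which looks like a copy-paste slip for `conf/nwfilter_params.h`. As written, nwfilter_conf.h appears twice once the variable is pulled into `NWFILTER_CONF_SOURCES`, and the params header that libvirt_private.syms names in its `#nwfilter_params.h` section is in no source list, so it would presumably be missing from `make dist` tarballs. The line should read `conf/nwfilter_params.c conf/nwfilter_params.h`. The same gap shows in the `@@ -275,6 +284,11 @@` hunk, where `NWFILTER_DRIVER_SOURCES` lists nwfilter_gentech_driver.c and nwfilter_ebiptables_driver.c with no matching headers; add them if they exist in the tree.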
@@ -718,6 +732,22 @@ endif endif +if WITH_NWFILTER +if WITH_DRIVER_MODULES +mod_LTLIBRARIES += libvirt_driver_nwfilter.la +else +libvirt_la_LIBADD += libvirt_driver_nwfilter.la +noinst_LTLIBRARIES += libvirt_driver_nwfilter.la +endif +libvirt_driver_nwfilter_la_CFLAGS = \ + -I@top_srcdir@/src/conf +if WITH_DRIVER_MODULES +libvirt_driver_nwfilter_la_LDFLAGS = -module -avoid-version ../gnulib/lib/libgnu.la +endif +libvirt_driver_nwfilter_la_SOURCES = $(NWFILTER_DRIVER_SOURCES) +endif + + libvirt_driver_security_la_SOURCES = $(SECURITY_DRIVER_SOURCES) noinst_LTLIBRARIES += libvirt_driver_security.la libvirt_la_LIBADD += libvirt_driver_security.la @@ -761,6 +791,7 @@ EXTRA_DIST += \ $(NODE_DEVICE_DRIVER_SOURCES) \ $(NODE_DEVICE_DRIVER_HAL_SOURCES) \ $(NODE_DEVICE_DRIVER_UDEV_SOURCES) \ + $(NWFILTER_DRIVER_SOURCES) \ $(SECURITY_DRIVER_SELINUX_SOURCES) \ $(SECURITY_DRIVER_APPARMOR_SOURCES) \ $(SECRET_DRIVER_SOURCES) \ @@ -903,6 +934,7 @@ libvirt_lxc_SOURCES = \ $(NODE_INFO_SOURCES) \ $(ENCRYPTION_CONF_SOURCES) \ $(DOMAIN_CONF_SOURCES) \ + $(NWFILTER_PARAM_CONF_SOURCES) \ $(CPU_CONF_SOURCES) libvirt_lxc_LDFLAGS = $(WARN_CFLAGS) $(COVERAGE_LDCFLAGS) $(CAPNG_LIBS) $(YAJL_LIBS) libvirt_lxc_LDADD = $(LIBXML_LIBS) $(NUMACTL_LIBS) ../gnulib/lib/libgnu.la Index: libvirt-acl/src/libvirt_private.syms =================================================================== --- libvirt-acl.orig/src/libvirt_private.syms +++ libvirt-acl/src/libvirt_private.syms @@ -105,6 +105,8 @@ virUnrefConnect; virUnrefSecret; virGetStream; virUnrefStream; +virGetNWFilter; +virUnrefNWFiler; # domain_conf.h @@ -294,6 +296,7 @@ virRegisterNetworkDriver; virRegisterStorageDriver; virRegisterDeviceMonitor; virRegisterSecretDriver; +virRegisterNWFilterDriver; # json.h 
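Review bot: `virUnrefNWFiler;` in the `@@ -105,6 +105,8 @@` hunk of libvirt_private.syms is misspelled; next to `virGetNWFilter;` it should be `virUnrefNWFilter;`. Depending on how the symbol file is consumed, a name that matches nothing is either silently ignored, leaving the real unref function unexported to driver modules, or it fails the build's symbol check. In the first case code outside libvirt.so can take a reference but cannot release it through the exported interface, so the typo is worth fixing before the drivers that use these objects land.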
@@ -429,6 +432,42 @@ virNodeDeviceGetWWNs; virNodeDeviceGetParentHost; +# nwfilter_conf.h +virNWFilterPoolLoadAllConfigs; +virNWFilterPoolObjAssignDef; +virNWFilterPoolObjSaveDef; +virNWFilterPoolObjFindByName; +virNWFilterPoolObjFindByUUID; +virNWFilterPoolObjLock; +virNWFilterPoolObjUnlock; +virNWFilterPoolObjRemove; +virNWFilterDefFree; +virNWFilterDefParseString; +virNWFilterPoolObjDeleteDef; +virNWFilterPoolObjListFree; +virNWFilterDefFormat; +virNWFilterChainSuffixTypeToString; +virNWFilterRuleActionTypeToString; +virNWFilterJumpTargetTypeToString; +virNWFilterRegisterCallbackDriver; +virNWFilterTestUnassignDef; +virNWFilterConfLayerInit; +virNWFilterConfLayerShutdown; + + +#nwfilter_params.h +virNWFilterHashTableCreate; +virNWFilterHashTableFree; +virNWFilterHashTablePut; +virNWFilterHashTablePutAll; +virNWFilterHashTableRemoveEntry; + + +# nwfilter_gentech_driver.h +virNWFilterInstantiateFilter; +virNWFilterTeardownFilter; + + # pci.h pciGetDevice; pciFreeDevice; Index: libvirt-acl/daemon/Makefile.am =================================================================== --- libvirt-acl.orig/daemon/Makefile.am +++ libvirt-acl/daemon/Makefile.am @@ -116,6 +116,10 @@ endif if WITH_SECRETS libvirtd_LDADD += ../src/libvirt_driver_secret.la endif + +if WITH_NWFILTER + libvirtd_LDADD += ../src/libvirt_driver_nwfilter.la +endif endif libvirtd_LDADD += ../src/libvirt.la Index: libvirt-acl/configure.ac =================================================================== --- libvirt-acl.orig/configure.ac +++ libvirt-acl/configure.ac @@ -294,6 +294,9 @@ if test x"$with_rhel5_api" = x"yes"; the AC_DEFINE([WITH_RHEL5_API], [1], [whether building for the RHEL-5 API]) fi +AC_PATH_PROG([BASH_PATH], [bash], /bin/bash, [/bin:$PATH]) +AC_DEFINE_UNQUOTED([BASH_PATH], "$BASH_PATH", [path to bash binary]) + AC_PATH_PROG([IPTABLES_PATH], [iptables], /sbin/iptables, [/usr/sbin:$PATH]) AC_DEFINE_UNQUOTED([IPTABLES_PATH], "$IPTABLES_PATH", [path to iptables binary]) 
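Review bot: The `# nwfilter_gentech_driver.h` entries (`virNWFilterInstantiateFilter`, `virNWFilterTeardownFilter`) are exported unconditionally, but src/Makefile.am compiles nwfilter_gentech_driver.c only into libvirt_driver_nwfilter.la, which is guarded by WITH_NWFILTER and becomes a separate loadable module under WITH_DRIVER_MODULES. In those configurations the two symbols would not be defined in libvirt.so, so other drivers could not resolve them from there. Either put this section behind the same conditional or reach the driver through the hook registered with `virNWFilterRegisterCallbackDriver`; which of the two fits depends on code outside this patch.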
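Review bot: `AC_PATH_PROG([BASH_PATH], [bash], /bin/bash, [/bin:$PATH])` falls back to the builder's `$PATH` when bash is not in /bin, and `AC_DEFINE_UNQUOTED` then bakes whatever was found into the binary. If libvirtd later executes that path with elevated privileges, which the nwfilter driver names suggest but this patch does not show, a build environment with a non-system or user-writable directory in `$PATH` would pin the daemon to an interpreter outside the system directories. Restrict the search to fixed locations, for example `AC_PATH_PROG([BASH_PATH], [bash], /bin/bash, [/bin:/usr/bin])`, and add a comment saying the result is run by the daemon. The neighbouring `IPTABLES_PATH` check has the same shape.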
@@ -1268,6 +1271,15 @@ if test "$with_secrets" = "yes" ; then fi AM_CONDITIONAL([WITH_SECRETS], [test "$with_secrets" = "yes"]) +with_nwfilter=yes +if test "$with_libvirtd" = "no"; then + with_nwfilter=no +fi +if test "$with_nwfilter" = "yes" ; then + AC_DEFINE([WITH_NWFILTER], 1, [whether local network filter management driver is available]) +fi +AM_CONDITIONAL([WITH_NWFILTER], [test "$with_nwfilter" = "yes"]) + AC_ARG_WITH([storage-fs], AC_HELP_STRING([--with-storage-fs], [with FileSystem backend for the storage driver @<:@default=check@:>@]),[],[with_storage_fs=check]) Index: libvirt-acl/src/libvirt_public.syms =================================================================== --- libvirt-acl.orig/src/libvirt_public.syms +++ libvirt-acl/src/libvirt_public.syms @@ -362,6 +362,20 @@ LIBVIRT_0.7.8 { global: virStorageVolWipe; virDomainMigrateSetMaxDowntime; + virConnectListNWFilters; + virConnectNumOfNWFilters; + virNWFilterLookupByName; + virNWFilterLookupByUUID; + virNWFilterLookupByUUIDString; + virNWFilterFree; + virNWFilterGetName; + virNWFilterGetUUID; + virNWFilterGetUUIDString; + virNWFilterGetXMLDesc; + virNWFilterRef; + virNWFilterDefineXML; + virNWFilterUndefine; } LIBVIRT_0.7.7; + # .... define new API here using predicted next version number ....
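Review bot: `with_nwfilter=yes` is hard-coded in the `@@ -1268,6 +1271,15 @@` hunk, so the only way to leave the driver out is to disable libvirtd entirely; unlike the `--with-storage-fs` option that follows, there is no `AC_ARG_WITH` for it. A component that manages host packet-filter rules is one that packagers and hardened builds will want to be able to compile out. Replace the assignment with `AC_ARG_WITH([nwfilter], AC_HELP_STRING([--with-nwfilter], [add network filter driver @<:@default=yes@:>@]),[],[with_nwfilter=yes])` and keep the libvirtd test after it.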
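Review bot: The thirteen new public entry points in libvirt_public.syms are added to the existing `LIBVIRT_0.7.8` node rather than to a new one. That is only correct if 0.7.8 has not shipped yet; once a version node is released its symbol set should stay frozen, and new API belongs in a node named for the next release, as the trailing comment in the file says. Confirm the target release before merging.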